package com.liyuxiang.controller;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

    @RequestMapping("/hello")
//    @PreAuthorize("hasAuthority('system:test:lists')")
//    @PreAuthorize("hasAnyAuthority('system:test:lists','test','admin')")
    @PreAuthorize("@mySecurityExpressionRoot.hasAuthority('test')")
    public String hello() {
        return "hello";
    }

    @RequestMapping("/hellos")
    @PreAuthorize("hasAuthority('tests')")
    public String hellos(){
        return "hellos";
    }

}
